Fixes #47568

It only impacts the case where the user code attempts to verify token manually, and only when the default tenant is used.

The current code is OK in principle, because a default tenant may actually set its own tenant id - but `quarkus-oidc` currently expects in different places that it is always going to be `Default`, and we should improve it with a dedicated PR, there is no strong practical reason for users to customize a default tenant id.